summaryrefslogtreecommitdiff
path: root/tools
diff options
context:
space:
mode:
authorPaolo Bonzini <pbonzini@redhat.com>2018-06-06 17:38:09 +0200
committerPaolo Bonzini <pbonzini@redhat.com>2018-06-12 15:06:34 +0200
commit3c9fa24ca7c9c47605672916491f79e8ccacb9e6 (patch)
tree938330204174cabc88a26f00f72ce8652bcb49c0 /tools
parentce14e868a54edeb2e30cb7a7b104a2fc4b9d76ca (diff)
kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access
The functions that were used in the emulation of fxrstor, fxsave, sgdt and sidt were originally meant for task switching, and as such they did not check privilege levels. This is very bad when the same functions are used in the emulation of unprivileged instructions. This is CVE-2018-10853. The obvious fix is to add a new argument to ops->read_std and ops->write_std, which decides whether the access is a "system" access or should use the processor's CPL. Fixes: 129a72a0d3c8 ("KVM: x86: Introduce segmented_write_std", 2017-01-12) Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'tools')
0 files changed, 0 insertions, 0 deletions